The goal is to make your business very difficult to hack that it is no longer economically viable for terrorists to attack it in the first place.
That’s the best insurance you can give to your business.
And yet, so often their system is vulnerable owing to ineptness, cluelessness, or laziness. For example, when the City of Baltimore's system got locked up, the attacker exploited a vulnerability for which MS had issued a patch *2 years earlier* (if memory serves). Anne -- Anne P. Mitchell, Attorney at Law CEO Get to the Inbox by SuretyMail, GetToTheInbox.com Dean of Cyberlaw and Cyber Security, Lincoln Law School Email Marketing Deliverability and Best Practices Expert Board of Directors, Denver Internet Exchange Former Counsel: MAPS Anti-Spam Blacklist Chair Emeritus, Asilomar Microcomputer Workshop